Accountability policies for the enforcement of the responsible stewardship of personal data have to support the gathering of information at all levels of the service stack and across different policy domains, for instance, for the retrospective enforcement of transparency and remediation properti
Cloud services allow enterprises to outsource non-core aspects of their business to third parties. The complexity of the service provision eco-system may not be visible to an individual or business end user. However, it should ideally be possible to hold each provider accountable for how it manages, uses, and passes on data and other related information. As such, cloud service users may hand over valuable and sensitive information to cloud service providers without an awareness of what they are committing to or understanding of the risks, with no control over what the service does with the data, no knowledge of the potential consequences, or means for redress in the event of a problem.
The Cloud Accountability Project (or A4Cloud for short) focuses on the Accountability For Cloud and Other Future Internet Services as the most critical prerequisite for effective governance and control of corporate and private data processed by cloud-based IT services. The research being conducted in the project will increase trust in cloud computing by devising methods and tools, through which cloud stakeholders can be made accountable for the privacy and confidentiality of information held in the cloud. These methods and tools will combine risk analysis, policy enforcement, monitoring and compliance auditing. They will contribute to the governance of cloud activities, providing transparency and assisting legal, regulatory and socio-economic policy enforcement.
This paper presents a model of accountability for cloud computing services, based on ongoing work as part of the A4Cloud project.
This paper presents StealthGuard, an efficient and provably secure proof of retrievabillity (POR) scheme.
In data protection regulation since the 1980s, accountability has been used in the sense that the ‘data controller’ is responsible for complying with particular data protection legislation and, in most cases, is required to establish systems and processes which
In this paper we propose an approach for enhanced data protection in the cloud, based upon accountability governance.
Join our Mailing List
For the latest information about Cloud Accountability Project please submit your email in the field below.